Organizations worried by the ever-increasing threat of cyberattacks should start by looking inward. One of the first, critical steps an organization needs to take is to ensure that all of the software running on its own network is legitimate and fully licensed.
Doing so matters, as highlighted in Seizing Opportunity Through License Compliance, this year’s Global Software Survey from BSA | The Software Alliance. As that study demonstrates, use of unlicensed software is strongly linked to the introduction of malware and all of its dangers. And once into a network, cybercriminals and malicious hacking can do significant harm.
In 2015 alone, cyberattacks cost businesses more than $400 billion. And it’s not just the immediate fallout that’s an issue. Breaches to a company’s security can have a powerful ripple effect. Enterprises can suffer damage to their reputation, and irreparable harm to hard-earned customer confidence. Even one successful cyberattack “can do serious harm to a company’s reputation and credibility,” notes the 2016 Symantec Internet Security Threat Report.
The good news is many companies do recognize the threat. In fact, this year’s survey found:
- Some 49 percent of CIOs identified security threats from malware as a major threat posed by unlicensed software.
- In a survey of workers, 60 percent cited the security risk associated with unlicensed software as a critical reason to use legitimate software.
But the bad news is that knowing about the threat is not the same as effectively working to prevent it. The global business community may be aware of the dangers of unlicensed software, but companies continue to allow it onto their networks at an alarming rate.
On this front, this year’s Global Software Survey from BSA found:
- Thirty-nine percent of software installed on computers around the world in 2015 was not properly licensed. This represents only a modest decrease from 43 percent in BSA’s previous global survey in 2013.
- Even in certain critical industries, where much tighter control of the digital environment would be expected, unlicensed use was surprisingly high. The survey found the worldwide rate is 25 percent – a full one in four – for the banking, insurance and securities industries.
- CIOs estimate that 15 percent of their employees load software on the network without their company’s knowledge, but nearly double the percentage of workers say they are loading software on the network that their company doesn’t know about.
It doesn’t have to be this way. There are four concrete steps organizations can take to curtail the use of unlicensed software and avert a host of associated cyber dangers.
The first step is to gather and maintain reliable and consistent data to assess whether the software running in your network is legitimate and fully licensed. Ensure that your biggest problem isn’t already sitting in your systems.
Next, consider your current and future business needs and align them to the right software and the right licensing model. Ensure you are getting the appropriate value for your expenditure.
Third, establish and implement policies and procedures to manage the lifecycle of your software — from procurement, to deployment, and retirement. Effective software asset management (SAM) practices need to support the business and in turn management needs to support the SAM process.
And fourth, integrate SAM practice into your organization’s internal control environment across the entire business. This includes educating employees on the proper use of software and the legal, financial, and reputational impact their software related actions can have on the organization.
Effective SAM practices are particularly powerful tools because they help organizations keep an ongoing inventory of what software is on their network and guard against unlicensed software use. SAM practices can also result in significant savings by driving out hidden inefficiencies from over-licensing applications or unused software. In fact, studies have shown that properly managing software can lead to cost savings as high as 25 percent.
To read BSA’s full Global Software Survey, including estimated rates and commercial values of the unlicensed PC software installed last year in more than 100 countries around the world, visit www.bsa.org/globalstudy.